我很想知道如何保持php密码安全.
主要问题是:如何从登录表单中将密码作为安全字符串发布?
我一直在检查其他网站如何做到这一点,例如Facebook的.当我登录到Facebook时,根本没有看到我的密码,它看起来像是一个很长的加密字符串.
如何在发布之前将密码字段转换为加密字符串?这是用ajax完成的吗?
干杯
柯
解决方法:
Hypertext Transfer Protocol Secure (HTTPS) is a combination of the Hypertext Transfer Protocol with the SSL/TLS protocol to provide encryption and secure identification of the server. HTTPS connections are often used for payment transactions on the World Wide Web and for sensitive transactions in corporate information systems. HTTPS should not be confused with Secure HTTP (S-HTTP) specified in 07001.
如果您无法为您的站点启用HTTPS并且不想发布明文密码(出于明显的安全原因),请考虑使用Challenge-Response Authentication.
就在google for various PHP/Javascript implementations,挑一个你喜欢的.